You Could Be Among the 1.5 Million Hack Victims OPM Is Trying to Find

If you are one of the millions of people whose sensitive data was stolen from Office of Personnel Management systems, it’s highly likely that you’ve already been notified.

According to OPM, the agency wrapped up its initial mailing of notification letters on Dec. 11 after reaching out to “roughly 93 percent of [the 21.5 million] individuals whose Social Security Number and other personal information was stolen in the cyber incident relating to background investigation records.”

But that means about 1.5 million people are still in the dark and don’t know for certain that their sensitive data was stolen in the massive breach.

If you suspect you were impacted but have not received a letter, you can check your status using the OPM verification website or by calling 866-408-4555 Monday through Friday between 9 a.m. and 9 p.m., EST, to speak to an agent.

“Additional letters will be mailed as individuals contact the verification center or if we can obtain better addresses for letters returned to sender through the postal service,” OPM said. Earlier this month, OPM Press Secretary Sam Schumach said about 4 percent of the letters going out were coming back as undeliverable mail.

“People who receive a letter should confirm that the letter matches those displayed on the OPM website (here’s one sample letter and another for those whose fingerprints were also stolen),” according to OPM. “The letter should direct them to OPM’s cybersecurity page at the address listed above. Any email that asks for personal information, or any version of the letter that does not direct individuals to OPM’s cyber security website, should be considered fraudulent, and reported to local law enforcement, and the Federal Trade Commission (FTC) at https://www.ftccomplaintassistant.gov.”